HummingBad, having infected more than 10 million Android devices worldwide, proves profitable to China’s “Yingmob.” Observers worry that the malware could be turned to uses more nefarious than clickfraud.
Bitdefender warns Mac users against “Eleanor,” a bogus document converter app (not available through Apple’s App Store) whose only functionality is a backdoor.
The ThinkPwn zero-day, about whose risk-level authorities differ, but which they agree is non-negligible, appears to affect Gigabyte motherboards’ firmware as well as UEFI drivers in Lenovo and HP laptops. There’s no fix out, yet.
Pseudo-Darkleech, the campaign Sucuri discovered in March 2015, continues morphing to evade detection. SANS says the ransomware campaign eliminated large blocks of telltale code and shifted exploit kits from Angler to Neutrino.
In industry news, Symantec’s stock price enjoyed a strong June surge, and Darktrace gets another $64 million funding round.
Many observers think ISIS’s end-of-Ramadan wave of massacres may have gone too far. States opposed to ISIS (notably France and the EU) are revising their intelligence approaches to counter-terrorism. But it remains unknown whether murder displayed online is losing its appeal to the Caliphate’s demographic.
In the US, the FBI yesterday declined to recommend indictment of former Secretary of State Clinton for mishandling classified information. FBI Director Comey said she did mishandle it, and that foreign intelligence services probably gained access to her private emails, but that other elements normally warranting prosecution were lacking. The FBI also excoriated the State Department for its carelessness with classified information. (In its démarche, State disagreed.)